MINOR: cli: make "show errors" capable of dumping only request or response

When dealing with many proxies, it's hard to spot response errors because
all internet-facing frontends constantly receive attacks. This patch now
makes it possible to demand that only request or response errors are dumped
by appending "request" or "reponse" to the show errors command.

diff --git a/doc/management.txt b/doc/management.txt
index 0bfefcd98731fdc12766ec1f259deabd9dd9bbe2..7f338b96d5b7b436021aad455fb260614a313545 100644 (file)
--- a/doc/management.txt
+++ b/doc/management.txt
@@ -1684,13 +1684,15 @@ show env [<name>]
   ensure that they contain the expected values. This command is restricted and
   can only be issued on sockets configured for levels "operator" or "admin".
 
-show errors [<iid>|<proxy>]
+show errors [<iid>|<proxy>] [request|response]
   Dump last known request and response errors collected by frontends and
   backends. If <iid> is specified, the limit the dump to errors concerning
   either frontend or backend whose ID is <iid>. Proxy ID "-1" will cause
   all instances to be dumped. If a proxy name is specified instead, its ID
-  will be used as the filter. This command is restricted and can only be
-  issued on sockets configured for levels "operator" or "admin".
+  will be used as the filter. If "request" or "response" is added after the
+  proxy name or ID, only request or response errors will be dumped. This
+  command is restricted and can only be issued on sockets configured for
+  levels "operator" or "admin".
 
   The errors which may be collected are the last request and response errors
   caused by protocol violations, often due to invalid characters in header
@@ -1716,7 +1718,7 @@ show errors [<iid>|<proxy>]
   line.
 
   Example :
-        $ echo "show errors" | socat stdio /tmp/sock1
+        $ echo "show errors -1 response" | socat stdio /tmp/sock1
     >>> [04/Mar/2009:15:46:56.081] backend http-in (#2) : invalid response
           src 127.0.0.1, session #54, frontend fe-eth0 (#1), server s2 (#1)
           response length 213 bytes, error at position 23:

diff --git a/include/types/applet.h b/include/types/applet.h
index 26bb4ea572f139a9c80a53a2f040e6e1918dbfe9..da9f787a26dbb3bab25db603524136d354a3d508 100644 (file)
--- a/include/types/applet.h
+++ b/include/types/applet.h
@@ -81,7 +81,7 @@ struct appctx {
                struct {
                        int iid;                /* if >= 0, ID of the proxy to filter on */
                        struct proxy *px;       /* current proxy being dumped, NULL = not started yet. */
-                       unsigned int buf;       /* buffer being dumped, 0 = req, 1 = rep */
+                       unsigned int flag;      /* bit0: buffer being dumped, 0 = req, 1 = resp ; bit1=skip req ; bit2=skip resp. */
                        unsigned int sid;       /* session ID of error being dumped */
                        int ptr;                /* <0: headers, >=0 : text pointer to restart from */
                        int bol;                /* pointer to beginning of current line */

diff --git a/src/proto_http.c b/src/proto_http.c
index e0459c23e291597d083231eef8a996064ac87efc..04aaf90ebf2219ceb0482b07d820f3109f73ef97 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -12925,6 +12925,11 @@ static int cli_parse_show_errors(char **args, struct appctx *appctx, void *priva
        else
                appctx->ctx.errors.iid  = -1; // dump all proxies
 
+       appctx->ctx.errors.flag = 0;
+       if (strcmp(args[3], "request") == 0)
+               appctx->ctx.errors.flag |= 4; // ignore response
+       else if (strcmp(args[3], "response") == 0)
+               appctx->ctx.errors.flag |= 2; // ignore request
        appctx->ctx.errors.px = NULL;
        return 0;
 }
@@ -12962,7 +12967,6 @@ static int cli_io_handler_show_errors(struct appctx *appctx)
                }
 
                appctx->ctx.errors.px = proxy;
-               appctx->ctx.errors.buf = 0;
                appctx->ctx.errors.bol = 0;
                appctx->ctx.errors.ptr = -1;
        }
@@ -12973,10 +12977,16 @@ static int cli_io_handler_show_errors(struct appctx *appctx)
        while (appctx->ctx.errors.px) {
                struct error_snapshot *es;
 
-               if (appctx->ctx.errors.buf == 0)
+               if ((appctx->ctx.errors.flag & 1) == 0) {
                        es = &appctx->ctx.errors.px->invalid_req;
-               else
+                       if (appctx->ctx.errors.flag & 2) // skip req
+                               goto next;
+               }
+               else {
                        es = &appctx->ctx.errors.px->invalid_rep;
+                       if (appctx->ctx.errors.flag & 4) // skip resp
+                               goto next;
+               }
 
                if (!es->when.tv_sec)
                        goto next;
@@ -13007,7 +13017,7 @@ static int cli_io_handler_show_errors(struct appctx *appctx)
                                port = 0;
                        }
 
-                       switch (appctx->ctx.errors.buf) {
+                       switch (appctx->ctx.errors.flag & 1) {
                        case 0:
                                chunk_appendf(&trash,
                                             " frontend %s (#%d): invalid request\n"
@@ -13081,11 +13091,9 @@ static int cli_io_handler_show_errors(struct appctx *appctx)
        next:
                appctx->ctx.errors.bol = 0;
                appctx->ctx.errors.ptr = -1;
-               appctx->ctx.errors.buf++;
-               if (appctx->ctx.errors.buf > 1) {
-                       appctx->ctx.errors.buf = 0;
+               appctx->ctx.errors.flag ^= 1;
+               if (!(appctx->ctx.errors.flag & 1))
                        appctx->ctx.errors.px = appctx->ctx.errors.px->next;
-               }
        }
 
        /* dump complete */